Sign up for our weekly security newsletter

DOD Reports Threat of Foreign Software

A U.S. 'Department of Defense' task force will be alerting the Pentagon of an approaching threat to national security. There is going to be a security breach by adversaries who could install a malware in software developed abroad. The 'Defense Science Board' (DSB), a military cum civilian think tank integrated in DOD, will publish a report on a range of prevention and detection measures for the security violation likely to be early next year. But the report will be constrained in suggesting that all the military software procured be authored in the U.S., said the leader of the 'task force'.

All are familiar with the concern that programmers try to include Trojan horses, trapdoors and other malware in the code they create. In the Pentagon case, the Trojan would possibly use 'ActiveX startup mode' infused into 'iexplore.exe' with a 'rootkit' feature to conceal its files. As the systems are complex, with a high connectivity added with global software industry - they will all make the malware risk increasingly dangerous for the DOD.

The threat was really acute, feels Paul Strass Mann, a professor at 'George Mason University' in Fairfax, Va., and a one time CIO at the Pentagon. He notes that the essential issue is that when conditions become badly dependent on communications, there might occur a 'denial of service' and billion-dollar weapons getting dysfunctional.

In November 2006, Robert Lucky, the chairman of the DSB task force, said that all the code that DOD obtains is at risk, ranging from 'business software' to 'mission software' that aids efforts in fighting war. In its report, the DSB will highlight three factors - the large complexity of systems, their heightened connectivity, and the worldwide utility of the software industry that will join to make the malware danger serious for the DOD.

According to John Pescatore of 'Gartner Inc.', the private sector encounters similar threats, which has already started to imbibe some of the practices the DSB might recommend to the Pentagon. He added that similar risks also portend on the U.S. -developed software.

Agreeing with Pescatore, Lucky thinks the risk is greater for code written abroad.

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!